Ports Distribution Management for Privacy Protection Inside Local Domain Name System

Title: Ports Distribution Management for Privacy Protection Inside Local Domain Name System
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Song, Fei; Quan, Wei; Zhao, Tianming; Zhang, Hongke; Hu, Ziwei; You, Ilsun
Conference Name: Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4571-2
Keywords: domain name system, ports distribution, privacy protection, pubcrawl, resilience, Resource management, Scalability, Security by Default

The Domain Name System (DNS) has been recognized as an indispensable and fundamental infrastructure of the current Internet. However, due to the original design philosophy and easy access principle, one can conveniently wiretap the DNS requests and responses. Such a phenomenon is a serious threat to user privacy protection, especially when inside hacking takes place. Motivated by such circumstances, we proposed a ports distribution management solution to relieve the potential information leakage inside local DNS. Users will be able to utilize pre-assigned port numbers instead of default port 53. The selection method of port numbers at the server side and the interactive process with the corresponding end host are investigated. The necessary implementation steps, including modifications of the destination port field, extension option usage, etc., are also discussed. A mathematical model is presented to further evaluate the performance. Both the possible blocking probability and port utilization are illustrated. We expect that this solution will be beneficial not only for the users in security enhancement, but also for the DNS servers in resource optimization.

Citation Key: song_ports_2016